Is the “Here you have it” Virus Real, or Fake?

Yet another virus warning hit my email box today, this time with a question: is it real, or fake?

The email, like most of its kind, is a dire warning. It’s allegedly be “confirmed by Snopes”, and reports that a couple large companies are putting their weight behind it.

So, like we always do, let’s take this apart and see what’s real, what’s hype, and what you should do about it.

Anyone-using Internet mail such as…

The email starts by apparently limiting the applicability of its contents to “anyone using Internet mail, such as Yahoo, Hotmail, AOL, and so on”. “Internet Mail” could mean a couple things. Does that mean you have a Yahoo, Hotmail. or AOL email address? Of that you use one of those services to get your mail? Or that only those email clients are susceptible? Since virtually all email goes over the Internet, does it mean everyone?

This is a variant of what we call a “Red Herring”. It really has no bearing on the message itself, it’s just put there to add some really big names to the mix, apparently to add credibility to the message. Don’t get suckered in my tactics like this.

This information arrived this morning…

This kind of statement is used to lend a sense of urgency to the message.

“Ohmygosh, this just came out the moring! I have to warn everyone!”

In actuality, this particular item was first identified September 9th, 2010. So, “this morning” was actually quite a while ago.

Be wary of time-frames that don’t list actual dates. When in doubt, look it up.

Direct from both Microsoft and Norton

This warning purports to come “direct from both Microsoft and Norton”, but provides no links, names, or alerts, and provides no technical details as one would expect to come from either of these two sources.

Again, it has no bearing on the message itself, it’s just put there to add some really big names to the mix, apparently to add credibility to the message. Don’t get suckered in my tactics like this.

Send it to everybody you know who has Access to the Internet

Here’s your first red flag.

Any message that tells you to “send it to everybody” is generally just using scare tactics. They’re insulting your intelligence and employing a form of bullying and peer pressure. You won’t let them use these tactics to get you to take drugs, don’t stand for them over email, either.

You may receive an apparently harmless e-mail

The subject of this alleged email is “Here you have it”. The email states that it you “open the file, a message will appear on your screen saying: ‘It is too late now, your life is no longer beautiful….'”

First, it doesn’t say “if you open the email”, it says if you “open the file”. That’s a big difference — and actually not the way this is spread, but we’ll get to that in a moment.

You already know better than to open email attachments that you’re not expecting — and that you should verify with the sender what it is BEFORE you open it, right? That’s Internet 101. If you don’t know that, please turn in your Internet License at the nearest cyber-cafe — you’re unsafe and making the Internet more dangerous for everyone.

Subsequently you will LOSE EVERYTHING IN YOUR PC

In addition to “losing everything in your pc” apparently the person who sent it gets all of it. Uh, sure. How much data do you have on your computer? Hundreds of gigabytes? And how fast is your internet connection? 2Mbit? So, it’s going to take several weeks of 100% use of your internet connection to transfer all your stuff to “the person who sent it to you”. Not only that, thousands of people probably got the virus, so the “person who sent it to you” is going to be flooded with traffic and will need ridiculous amounts of storage. Sounds impossible, right? Yes, it does. And it is. Again, it’s a scare tactic.

Give me all your money or your computer will be destroyed and then it will be too late!

See, that didn’t work on you, did it?

The anti virus software’s are not capable of destroying it

What? Seriously? The people who make a living out of making anti-virus software, and selling it to you for $50/year can’t “destroy” it? Wow. Sounds like all those people should sue whoever sent this email for slander.

AOL, by the way, isn’t an anti-virus company, so it doesn’t really matter if they have allegedly “already confirmed the severity” of this virus. That’s like your auto mechanic telling you you need to be careful of the set of the blender your kitchen. What do they have to do with each other? Well, they both have motors… but other than that… get my point?

The virus has been created by a hacker

The “hacker” calls himself “life owner”. And this helps us how? Exactly. Superfluous information that isn’t important.

By the way, do you know what a “hacker” is? It’s not what the media wants you to think.

William Shakespere was often referred to as a “hack”, meaning a writer who is paid to write low-quality, quickly put-together articles or books. The term then went on to describe anyone who put out low-quality, quickly put-together “stuff”. Sometime later “-er” was added, meaning “one who hacks”: hacker.

The media then demonized the term — and you fell for it. Don’t worry, you can repent by telling everyone you know what a hacker really is and — more importantly — isn’t. See? I just paid my penance.

PLEASE SEND A COPY OF THIS E-MAIL TO ALL YOUR FRIENDS

Please don’t. This virus is over six months old (I’m writing this in January 2011).

Instead, bake them a batch of cookies with a note that says “have you updated your anti-virus software recently? If not you can’t eat any cookies until you do”. That way they get a batch of cookies AND a legitimate reason to update their anti-virus software — and let’s face it, you’re not going to back 300 batches of cookies, even though you might forward that on to 300 of your friends.

That’s a good rule of thumb: if it’s not worth making a batch of cookies to accompany that note, it’s probably not worth sending. 😉

THIS HAS BEEN CONFIRMED BY SNOPES

This used to mean something, any more it should be considered a red flag. Do you know who Snopes.com is? Snopes is run by Barbara and David Mikkelson of California who have often be called out for having a “liberal bias”. Whether or not you believe that is up to you.

Put simply, Snopes is no different than any other site on the internet. It’s a repository of information — the validity of which needs to be verified. They don’t do anything more than what you could do (or, for that matter, what I’m doing int this post — though I generally cite more credible sources than they do).

So, let’s get back to the email

What should you do to protect yourself from this (or any) virus?

Keep your anti-virus software up-to-date. If you don’t know if your AV software is current assume that its not. I update mine manually every other day. When was the last time you updated yours?

Keep your operating system up-to-date. If you don’t know how to do that, please, take a course, buy a book, or do something to learn how to do it. If you don’t, please get off the internet and stop making it a more dangerous place for the rest of us.

Don’t click on links in emails. Ever. Just because it looks like it’s going one place doesn’t mean it is. For example: SecureYourAccount.CitiBank.com. See?

And, in care you wanted to know, here’s what the original email said:

Subject: READ IMMEDIATELY

Anyone-using Internet mail such as Yahoo, Hotmail, AOL and so on. This information arrived this morning, Direct from both Microsoft and Norton Please send it to everybody you know who has Access to the Internet. You may receive an apparently harmless e-mail titled “Here you have it” If you open the file, a message will appear on your screen saying: ‘It is too late now, your life is no longer beautiful….’

Subsequently you will LOSE EVERYTHING IN YOUR PC, And the person who sent it to you will gain access to your Name, e-mail and password. This is a new virus which started to circulate on Saturday afternoon. AOL has already confirmed the severity, and the anti virus software’s are not capable of destroying it.

The virus has been created by a hacker who calls himself ‘life owner’.

PLEASE SEND A COPY OF THIS E-MAIL TO ALL YOUR FRIENDS, And ask them to PASS IT ON IMMEDIATELY!

just got this today….sept. 22, 2011. people are copying and pasting to facebook and when i read it someone else had already posted the link to this page in the comment section of the post. thanks for the information.